Code:
/ FX-1434 / FX-1434 / 1.0 / untmp / whidbey / REDBITS / ndp / clr / src / BCL / System / Security / AccessControl / RegistrySecurity.cs / 1 / RegistrySecurity.cs
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
/*============================================================
**
** Class: RegistrySecurity
**
**
** Purpose: Managed ACL wrapper for registry keys.
**
**
===========================================================*/
using System;
using System.Collections;
using System.Security.Permissions;
using System.Security.Principal;
using Microsoft.Win32;
using Microsoft.Win32.SafeHandles;
using System.Runtime.InteropServices;
using System.IO;
namespace System.Security.AccessControl
{
// We derived this enum from the definitions of KEY_READ and such from
// winnt.h and from MSDN, plus some experimental validation with regedit.
// http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sysinfo/base/registry_key_security_and_access_rights.asp
[Flags]
public enum RegistryRights
{
// No None field - An ACE with the value 0 cannot grant nor deny.
QueryValues = 0x0001, // query the values of a registry key
SetValue = 0x0002, // create, delete, or set a registry value
CreateSubKey = 0x0004, // required to create a subkey of a specific key
EnumerateSubKeys = 0x0008, // required to enumerate sub keys of a key
Notify = 0x0010, // needed to request change notifications
CreateLink = 0x0020,
ExecuteKey = ReadKey,
ReadKey = Win32Native.STANDARD_RIGHTS_READ | QueryValues | EnumerateSubKeys | Notify,
WriteKey = Win32Native.STANDARD_RIGHTS_WRITE | SetValue | CreateSubKey,
Delete = 0x10000,
ReadPermissions = 0x20000,
ChangePermissions = 0x40000,
TakeOwnership = 0x80000,
FullControl = 0xF003F | Win32Native.STANDARD_RIGHTS_READ | Win32Native.STANDARD_RIGHTS_WRITE
}
public sealed class RegistryAccessRule : AccessRule
{
// Constructor for creating access rules for registry objects
public RegistryAccessRule(IdentityReference identity, RegistryRights registryRights, AccessControlType type)
: this(identity, (int) registryRights, false, InheritanceFlags.None, PropagationFlags.None, type)
{
}
public RegistryAccessRule(String identity, RegistryRights registryRights, AccessControlType type)
: this(new NTAccount(identity), (int) registryRights, false, InheritanceFlags.None, PropagationFlags.None, type)
{
}
public RegistryAccessRule(IdentityReference identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type)
: this(identity, (int) registryRights, false, inheritanceFlags, propagationFlags, type)
{
}
public RegistryAccessRule(string identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type)
: this(new NTAccount(identity), (int) registryRights, false, inheritanceFlags, propagationFlags, type)
{
}
//
// Internal constructor to be called by public constructors
// and the access rule factory methods of {File|Folder}Security
//
internal RegistryAccessRule(
IdentityReference identity,
int accessMask,
bool isInherited,
InheritanceFlags inheritanceFlags,
PropagationFlags propagationFlags,
AccessControlType type )
: base(
identity,
accessMask,
isInherited,
inheritanceFlags,
propagationFlags,
type )
{
}
public RegistryRights RegistryRights {
get { return (RegistryRights) base.AccessMask; }
}
}
public sealed class RegistryAuditRule : AuditRule
{
public RegistryAuditRule(IdentityReference identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
: this(identity, (int) registryRights, false, inheritanceFlags, propagationFlags, flags)
{
}
public RegistryAuditRule(string identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
: this(new NTAccount(identity), (int) registryRights, false, inheritanceFlags, propagationFlags, flags)
{
}
internal RegistryAuditRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
: base(identity, accessMask, isInherited, inheritanceFlags, propagationFlags, flags)
{
}
public RegistryRights RegistryRights {
get { return (RegistryRights) base.AccessMask; }
}
}
public sealed class RegistrySecurity : NativeObjectSecurity
{
public RegistrySecurity()
: base(true, ResourceType.RegistryKey)
{
}
/*
// The name of registry key must start with a predefined string,
// like CLASSES_ROOT, CURRENT_USER, MACHINE, and USERS. See
// MSDN's help for SetNamedSecurityInfo for details.
[SecurityPermission(SecurityAction.Assert, UnmanagedCode=true)]
internal RegistrySecurity(String name, AccessControlSections includeSections)
: base(true, ResourceType.RegistryKey, HKeyNameToWindowsName(name), includeSections)
{
new RegistryPermission(RegistryPermissionAccess.NoAccess, AccessControlActions.View, name).Demand();
}
*/
[SecurityPermission(SecurityAction.Assert, UnmanagedCode=true)]
internal RegistrySecurity(SafeRegistryHandle hKey, String name, AccessControlSections includeSections)
: base(true, ResourceType.RegistryKey, hKey, includeSections, _HandleErrorCode, null )
{
new RegistryPermission(RegistryPermissionAccess.NoAccess, AccessControlActions.View, name).Demand();
}
private static Exception _HandleErrorCode(int errorCode, string name, SafeHandle handle, object context)
{
System.Exception exception = null;
switch (errorCode) {
case Win32Native.ERROR_FILE_NOT_FOUND:
exception = new IOException(Environment.GetResourceString("Arg_RegKeyNotFound", errorCode));
break;
case Win32Native.ERROR_INVALID_NAME:
exception = new ArgumentException(Environment.GetResourceString("Arg_RegInvalidKeyName", "name"));
break;
case Win32Native.ERROR_INVALID_HANDLE:
exception = new ArgumentException(Environment.GetResourceString("AccessControl_InvalidHandle"));
break;
default:
break;
}
return exception;
}
public override AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type)
{
return new RegistryAccessRule(identityReference, accessMask, isInherited, inheritanceFlags, propagationFlags, type);
}
public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
{
return new RegistryAuditRule(identityReference, accessMask, isInherited, inheritanceFlags, propagationFlags, flags);
}
internal AccessControlSections GetAccessControlSectionsFromChanges()
{
AccessControlSections persistRules = AccessControlSections.None;
if (AccessRulesModified)
persistRules = AccessControlSections.Access;
if (AuditRulesModified)
persistRules |= AccessControlSections.Audit;
if (OwnerModified)
persistRules |= AccessControlSections.Owner;
if (GroupModified)
persistRules |= AccessControlSections.Group;
return persistRules;
}
/*
// See SetNamedSecurityInfo docs - we must start strings
// with names like CURRENT_USER, MACHINE, CLASSES_ROOT, etc.
// (Look at SE_OBJECT_TYPE, then the docs for SE_REGISTRY_KEY)
internal static String HKeyNameToWindowsName(String keyName)
{
if (keyName.StartsWith("HKEY_")) {
if (keyName.Equals("HKEY_LOCAL_MACHINE"))
return "MACHINE";
return keyName.Substring(5);
}
return keyName;
}
[SecurityPermission(SecurityAction.Assert, UnmanagedCode=true)]
internal void Persist(String keyName)
{
new RegistryPermission(RegistryPermissionAccess.NoAccess, AccessControlActions.Change, keyName).Demand();
AccessControlSections persistRules = GetAccessControlSectionsFromChanges();
if (persistRules == AccessControlSections.None)
return; // Don't need to persist anything.
String windowsKeyName = HKeyNameToWindowsName(keyName);
base.Persist(windowsKeyName, persistRules);
OwnerModified = GroupModified = AuditRulesModified = AccessRulesModified = false;
}
*/
[SecurityPermission(SecurityAction.Assert, UnmanagedCode=true)]
internal void Persist(SafeRegistryHandle hKey, String keyName)
{
new RegistryPermission(RegistryPermissionAccess.NoAccess, AccessControlActions.Change, keyName).Demand();
WriteLock();
try
{
AccessControlSections persistRules = GetAccessControlSectionsFromChanges();
if (persistRules == AccessControlSections.None)
return; // Don't need to persist anything.
base.Persist(hKey, persistRules);
OwnerModified = GroupModified = AuditRulesModified = AccessRulesModified = false;
}
finally
{
WriteUnlock();
}
}
public void AddAccessRule(RegistryAccessRule rule)
{
base.AddAccessRule(rule);
}
public void SetAccessRule(RegistryAccessRule rule)
{
base.SetAccessRule(rule);
}
public void ResetAccessRule(RegistryAccessRule rule)
{
base.ResetAccessRule(rule);
}
public bool RemoveAccessRule(RegistryAccessRule rule)
{
return base.RemoveAccessRule(rule);
}
public void RemoveAccessRuleAll(RegistryAccessRule rule)
{
base.RemoveAccessRuleAll(rule);
}
public void RemoveAccessRuleSpecific(RegistryAccessRule rule)
{
base.RemoveAccessRuleSpecific(rule);
}
public void AddAuditRule(RegistryAuditRule rule)
{
base.AddAuditRule(rule);
}
public void SetAuditRule(RegistryAuditRule rule)
{
base.SetAuditRule(rule);
}
public bool RemoveAuditRule(RegistryAuditRule rule)
{
return base.RemoveAuditRule(rule);
}
public void RemoveAuditRuleAll(RegistryAuditRule rule)
{
base.RemoveAuditRuleAll(rule);
}
public void RemoveAuditRuleSpecific(RegistryAuditRule rule)
{
base.RemoveAuditRuleSpecific(rule);
}
public override Type AccessRightType
{
get { return typeof(RegistryRights); }
}
public override Type AccessRuleType
{
get { return typeof(RegistryAccessRule); }
}
public override Type AuditRuleType
{
get { return typeof(RegistryAuditRule); }
}
}
}
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- DataGridViewAutoSizeColumnsModeEventArgs.cs
- ParsedAttributeCollection.cs
- ChangePassword.cs
- UrlPath.cs
- ToolboxComponentsCreatedEventArgs.cs
- XmlSchemaObject.cs
- BatchStream.cs
- ValidateNames.cs
- DeclarativeExpressionConditionDeclaration.cs
- PropertySourceInfo.cs
- uribuilder.cs
- FontCollection.cs
- GroupBox.cs
- SrgsText.cs
- TabControlCancelEvent.cs
- Sentence.cs
- FactoryGenerator.cs
- HttpCapabilitiesEvaluator.cs
- ResourceExpressionEditorSheet.cs
- CfgParser.cs
- DocumentViewerConstants.cs
- Positioning.cs
- CodeBlockBuilder.cs
- EdgeProfileValidation.cs
- WindowsSolidBrush.cs
- Selection.cs
- RequestCacheValidator.cs
- NodeCounter.cs
- WebMessageFormatHelper.cs
- AutomationEvent.cs
- IMembershipProvider.cs
- Form.cs
- EnumerableRowCollection.cs
- IgnoreFlushAndCloseStream.cs
- loginstatus.cs
- Size.cs
- SingleKeyFrameCollection.cs
- EventListener.cs
- ToolStripPanelRenderEventArgs.cs
- PerfProviderCollection.cs
- LookupNode.cs
- EmptyStringExpandableObjectConverter.cs
- TreeViewItemAutomationPeer.cs
- Random.cs
- OuterGlowBitmapEffect.cs
- FactoryRecord.cs
- SafeNativeMethods.cs
- SpnEndpointIdentityExtension.cs
- FileDialog_Vista_Interop.cs
- TimeIntervalCollection.cs
- Model3D.cs
- PerfCounters.cs
- BuildProvider.cs
- WebPartUtil.cs
- RowVisual.cs
- Action.cs
- FactoryGenerator.cs
- CommandBindingCollection.cs
- LocalizabilityAttribute.cs
- WebConfigurationFileMap.cs
- ListViewContainer.cs
- SelectionEditingBehavior.cs
- XmlSchemaComplexContent.cs
- ItemAutomationPeer.cs
- ContextCorrelationInitializer.cs
- FlowDocumentReaderAutomationPeer.cs
- ResourceProviderFactory.cs
- SecuritySessionFilter.cs
- XmlSchemaObjectTable.cs
- ForEachAction.cs
- RangeBaseAutomationPeer.cs
- ApplicationCommands.cs
- BooleanKeyFrameCollection.cs
- Int32Converter.cs
- XmlDocumentSerializer.cs
- CharEnumerator.cs
- PropertyPath.cs
- TdsParserStaticMethods.cs
- HttpErrorTraceRecord.cs
- TargetFrameworkUtil.cs
- AliasGenerator.cs
- DynamicResourceExtensionConverter.cs
- MonthCalendar.cs
- PropertyFilterAttribute.cs
- BrowserCapabilitiesFactory.cs
- HttpStreamMessageEncoderFactory.cs
- ClientTarget.cs
- EntityContainerEmitter.cs
- DataGridViewCellFormattingEventArgs.cs
- contentDescriptor.cs
- TypedDataSetSchemaImporterExtensionFx35.cs
- CodeDelegateInvokeExpression.cs
- LinqToSqlWrapper.cs
- Certificate.cs
- Module.cs
- PaperSize.cs
- DiscoveryServerProtocol.cs
- IApplicationTrustManager.cs
- AnimationLayer.cs
- MailSettingsSection.cs